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DETAILED ACTION 

Specification 

1 . The disclosure is objected to because of the following informalities: 

The use of the term "ISO" to describe the network model is incorrect and all of 
these terms should be replaced with - OSI - to make use of the Open Systems 
Interconnection Reference Model. 

The term "catch" on line 5 of page 5 is misspelled and should be replaced with - 
cache --. 

Appropriate correction is required. 

Claim Objections 

2. Claims 1-10, and 25 are objected to because of the following informalities: 
Regarding claim 1 , the phrase "at least one packet" in line 6 should be replaced 

with - at least one of the packets - to establish proper antecedent basis. The phrase 
"said received packet characteristics" on line 7 has not been defined and should be 
replaced with - received packet characteristics ~. The phrase "the characteristics" on 
line 9 should be replaced with - the received packet characteristics -. The phrase "said 
received packets" on line 9 has not been defined and should be replaced with - 
received packets Also, the term "the correlation" on line 1 1 has not been defined and 
should be replaced with - the correlating step The phrase "the received packet" on 
line 1 1 has not been defined and should be replaced with - a received packet -. 
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Regarding claim 2, the phrases "the received packet" and "said received packet" 
on line 13 have not been defined and the first phrase should be replaced with - a 
received packet 

Regarding claim 5, the term "the acts" in line 19 should be replaced with - acts - 
. The term "packets" on line 2 should be replaced with - the packets - to establish 
proper antecedent basis. 

Regarding claim 9, the term "the stored action" on line 1 1 is singular and needs 
to be replaced with - the stored actions - to establish proper antecedent basis. 

Regarding claim 25, the term "instructions" on line 3 should be replaced with - 
the instructions--. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 23-26 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 23 is directed towards a program 
product including a medium on which a computer program is recorded with instructions 
thereon. A computer program alone is non-statutory subject matter, being non- 
functional descriptive material. In order for a claim to be statutory, it has to be a system, 
method, manufacture, or composition of matter, and produce concrete, tangible, and 
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useful results. A computer program alone does not fall into a statutory category of 
invention and does not produce result alone. Dependent claims 24-26 are rejected for 
the same. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1-7, 9-10, and 22-29 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Zenchelsky et al. (US 6,173,364 B1). 

Regarding claim 1 , Zenchelsky et al. discloses a method for managing traffic in a 
communications network comprising acts of: (a) providing, in a network device, a cache 
containing at least predefined characteristics associated with packets and actions 
paired with selected ones of said predefined characteristics (column 3, lines 63-67 and 
column 4, lines 1-2, where the key is a predefined characteristic and actions are paired 
together with it in the cache, the cache being used for filtering packets in a 
communication network, and is in a network device as seen in column 1, lines 51-59, a 
network device being a filter); (b) receiving at least one packet in said network device 
(column 1 , lines 60-62); (c) selecting from said received packet characteristics similar to 
the at least predefined characteristics (column 1, lines 60-66); (d) correlating the 
characteristics selected from said received packet with the predefined 
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characteristics (column 4, lines 2-6); and (e) using results from the correlation to 
process the received packet (column 4, lines 6-8). 

Regarding claim 2, Zenchelsky et al. discloses the method of claim 1 wherein 
the process includes enforcing the paired action against the received packet if the 
characteristics of said received packet matches the at least predefined characteristics 
(column 4, lines 6-8). 

Regarding claim 3, Zenchelsky et al. discloses the method of claim 1 or claim 2 
wherein the at least predefined characteristics include Internet Protocol (IP) Destination 
Address (DA), IP Source Address (SA), Transmission Control Protocol (TCP) 
Destination Port (DP) and TCP Source Port.(SP) (column 2, lines 1-25, with the filtering 
being based on source address and port and destination address and port). 

Regarding claim 4, Zenchelsky et al. discloses the method of claim 1 wherein 
the correlating act includes comparing (column 4, lines 2-3, wherein matching is 
equivalent to comparing). 

Regarding claim 5, Zenchelsky et al. discloses a method comprising the acts of: 
providing in a memory a mapping of predefined characteristics associated with packets 
and actions to be performed (column 3, lines 63-67 and column 4, lines 1-2, where the 
keys are predefined characteristics and the action are paired together in the memory); 
receiving packets to be classified (column 4, lines 2-3); correlating selected 
characteristics of received packets with the predefined characteristics (column 4, lines 
2-4); and performing stored actions on said received packets, if the selected 
characteristics match the predefined characteristics (column 4, lines 6-8). 
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Regarding claim 6, Zenchelsky et al. discloses the method of claim 5 wherein 
the correlating act includes comparing (column 4, lines 2-3, wherein matching is 
equivalent to comparing). 

Regarding claim 7, Zenchelsky et al. discloses the method of claim 5 wherein 
the predefined characteristics include Source Address (SA), Destination Address (DA), 
Source Port (SP), and Destination Port (DP) (column 2, lines 1-25, with the filtering 
being based on source address and port and destination address and port). 

Regarding claim 9, Zenchelsky et al. discloses the method of claim 5 wherein 
the stored actions associated with predefined characteristics are updated only from a 
first packet of a group of packets (column 3, lines 65-67 to column 4, lines 1-2, where a 
filter rules are applied only to a first packet in a message that shares a same key and 
the cache is updating only from the filter rule base). 

Regarding claim 10, Zenchelsky et al. discloses the method of claim 9 wherein 
the stored actions are being performed on all packets following the first packet of the 
group of packets (column 4, lines 8-10). 

Regarding claim 22, Zenchelsky et al. discloses a system including a memory 
that stores a mapping between predefined characteristics of packets and actions to be 
performed for a subset of the set of all characteristic values (column 3, lines 63-67, 
where the key is the predefined characteristic paired with an action, and the memory is 
derived from a filter rule base, therefore containing a subset of characteristics derived 
from already received packets); and a controller that correlates characteristics in a 
received packet with the predefined characteristics and performing the actions on said 



Application/Control Number: 10/662,007 Page 7 

Art Unit: 2109 

received packet if the characteristics match the predefined characteristics (column 4, 
lines 2-8, where the received packet is searched against the predefined characteristics 
and the paired action is applied to the packet if a match is found). 

Regarding claim 23, Zenchelsky et al. discloses a program product including a 
medium on which a computer program is recorded, said program including instructions 
that correlate characteristics of a received packet with characteristics in a table (column 
4, lines 2-4, where a cache memory is searched for a matching entry, seen as 
characteristics in a table, when a packet is received), said table containing a subset of 
all possible characteristic values (column 3, lines 63-67, where the cache memory is 
derived from a filter rule base, therefore containing a subset of characteristics derived 
from already received packets); and instructions to enforce an action stored in said table 
on the received packet if the characteristics of the received packet and the 
characteristics in the table match (column 4, lines 6-8, where the received packet is 
searched against the predefined characteristics and the paired action is applied to the 
packet if a match is found). 

Regarding claim 24, Zenchelsky et al. discloses the program product of claim 23 
further including instructions to generate the table containing the characteristics and 
associated actions (column 3, lines 63-67 and column 4, lines 1-2, where generating the 
table consists of adding a cache entry for each first packet received). 

Regarding claim 25, Zenchelsky et al. discloses the program product of claim 24 
further still including instructions to maintain the table (column 5, lines 1-12, where using 
the version numbers to eject outdated session entries is seen as maintaining the table). 
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Regarding claim 26, Zenchelsky et al. discloses the program product of claim 25 
wherein the instructions to maintain further includes instruction to delete aged entries 
and insert new entries (column 5, lines 35-39). 

Regarding claim 27, Zenchelsky et al. discloses the method of claim 1 wherein 
the at least one packet received in (b) satisfies a Frequent Flyer criteria of being one 
packet within a short burst of packets belonging to the same session (column 4, lines 1- 
6, where the first packet received is part of a series of packets with the same key). 

Regarding claim 28, Zenchelsky et al. discloses the system of claim 22 further 
including aging mechanism operatively coupled to the memory, said aging mechanism 
periodically deleting old entries from said memory (column 5, lines 35-39, where the 
aging mechanism is seen as the process that deletes the entries, which would have to 
have access to the memory itself). 

Regarding claim 29, Zenchelsky et al. discloses the system of claim 28 wherein 
old entries are being deleted based upon a predefined criteria (column 5, lines 1-11, 
with the predefined criteria being the version number). 
6. Claims 11-13 and 31-32 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Hughes et al. (US 5,842,040). 

Regarding claim 11, Hughes et al. discloses a system including a processor 
(column 2, lines 54-57); and a cache operatively coupled to said processor (column 3, 
lines 36-39), said cache storing a mapping between predefined characteristics of 
packets and actions wherein said processor executes a first program that causes said 
processor to correlate characteristics of selected packets with the predefined 
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characteristics (column 2, lines 57-60, where the policy is selected from a plurality of 
policies matched to the received PDU packet, these policies being seen as equivalent to 
characteristics of packets) and enforcing on said selected packets actions associated 
with predefined characteristics if characteristics from the selected packets match the 
predefined characteristics (column 3, lines 5-9, where the PDU has a policy applied to it 
from the policy cache). 

Regarding claim 12, Hughes et al. discloses the system of claim 1 1 wherein the 
predefined characteristics include Source Address (SA), Destination Address (DA), 
Source Port (SP) and Destination Port (DP) (column 5, lines 30-45, with the policies 
including filtering based on these criteria or any combination of criteria). 

Regarding claim 13, Hughes et al. discloses the system of claim 1 1 wherein the 
processor includes a network processor (column 2, lines 50-57, with any network device 
including a processor can perform this process). 

Regarding claim 31, Hughes et al. discloses a method of classifying packets in a 
communications network comprising acts of: (a) receiving packets in a network device 
(column 2, line 61); (b) determining data packets present in received packets (column 3, 
lines 15-24, with grouping the packets together by any field could include TCP flag 
information as seen in column 5, lines 34-44, and this classification can inherently 
determine if it's a data packet or a non-data packet (data packets do not set the 
Synchronize flag or the Finish flag)); (c) providing a cache in which predefined 
characteristics of packets and actions associated with selected ones of the predefined 
characteristics are stored (column 3, lines 36-39, where policy data is seen as 
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predefined characteristics); for each data packet so determined, correlating selected 
characteristics of said each data packet with the predefined characteristics' in said 
cache (column 3, lines 27-31); and for each data packet with selected characteristics 
matching one of the predefined characteristics imposing on said each data packet the 
action associated with said one of the predefined characteristics (column 3, lines 30-35, 
where policies are applied to matching packets with the matching policy information). 

Regarding claim 32, Hughes et al. discloses the method of claim 31 , wherein the 
packets include TCP/IP packets (column 14, lines 14-18). 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Zenchelsky et al. (US 6,173,364 B1) in view of Hughes et al. (US 5,842,040). 

Regarding claim 8, Zenchelsky et al. discloses all of the limitations as described 
above. Zenchelsky et al. does not disclose using data packets. The general concept of 
using data packets with a caching system is well known in the art as illustrated by 
Hughes et al. Hughes et al. discloses using data packets in his caching system that 
applies policies to data units that are sent through the system (column 2, lines 43-49, 
where a PDU is a protocol data unit and is seen as a data packet). It would have been 
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obvious to one of ordinary skill in the art at the time of invention to modify Zenchelsky et 
al. with using data packets as taught by Hughes et al. in order to use all kinds of 
packets as to increase system compatibility. 

9. Claims 14-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hughes et al. (US 5,842,040) in view of Guide to IP Layer Network Administration with 
Linux - Routing Cache. 

Regarding claims 14 and 15, Hughes et al. discloses all of the limitations as 
described above including having the packets used for caching include received 
packets as required by claim 15 (column 2, lines 63-65, with a PDU being a packet 
received). Hughes et al. does not disclose having a memory with a data structure 
stored thereon for a full packet search wherein a second program causes the processor 
to access the data structure and imposing in the selected packet an action stored in the 
data structure if a mismatch occurs between the predefined characteristics and the 
characteristics from the selected packets. The general concept of accessing a table to 
find an action for a packet if a mismatch occurs within the cache structure is well known 
in the art as illustrated by the Guide to IP Layer Network Administration. The Guide to 
IP Layer Network Administration discloses a routing cache scheme where the cache is 
consulted for a packet action before a routing table is consulted, and if the action is in 
the cache, that action will be performed (Chapter 4.7). This implies that if the cache 
does not contain the necessary information, a routing table will be searched for the 
action for the packet. It would have been obvious to one of ordinary skill in the art at the 
time of invention to modify Hughes et al. with searching a routing table in a memory if 
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the cache did not match correctly to the current packet as taught by the Guide to IP 
Layer Network Administration in order to use routing tables in addition to routing cache 
as to be able to route packets the device has not routed before. 
10. Claims 16-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hughes et al. (US 5,842,040) and Guide to IP Layer Network Administration with Linux - 
Routing Cache as applied to claims 14-15 above, and further in view of Bass et al. (US 
6,460,120 B1). 

Regarding claim 16, Hughes et al. and the Guide to IP Layer Network 
Administration disclose all of the limitations as described above except for using a full 
match algorithm to search the table. The general concept of using a full match 
algorithm is well known in the art as illustrated by Bass et al. Bass et al. discloses 
frame lookups in a table using a fixed match tree (column 8, lines 1-3, where a fixed 
match tree requires an exact match, which is seen as being equivalent to a full match). 
It would have been obvious to one of ordinary skill in the art at the time of invention to 
modify Hughes et al. and the Guide to IP Layer Network Administration with using a full 
match search algorithm as taught by Bass et al. in order to use known search 
algorithms to increase lookup speed of a packet. 

Regarding claim 17, Hughes et al. and the Guide to IP Layer Network 
Administration disclose all of the limitations as described above except for using a 
longest prefix match algorithm to search the table. The general concept of using a 
longest prefix match algorithm is well known in the art as illustrated by Bass et al. Bass 
et al. discloses frame lookups in a table using a longest prefix match tree (column 8, 
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lines 1-5). It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify Hughes et al. and the Guide to IP Layer Network Administration with 
using a longest prefix match search algorithm as taught by Bass et al. in order to use 
known search algorithms to increase lookup speed of a packet. 

Regarding claim 18, Hughes et al. and the Guide to IP Layer Network 
Administration disclose all of the limitations as described above except for using 
software managed tree algorithm to search the table. The general concept of using a 
software managed tree algorithm is well known in the art as illustrated by Bass et al. 
Bass et al. discloses frame lookups in a table using a software-managed tree (column 8, 
lines 1-8). It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify Hughes et al. and the Guide to IP Layer Network Administration with 
using a software managed tree search algorithm as taught by Bass et al. in order to use 
known search algorithms to increase lookup speed of a packet. 

Regarding claims 19 and 20, Hughes et al. and the Guide to IP Layer Network 
Administration disclose all of the limitations as described above except for having the 
memory internal or external to the processor. The general concept of placing the 
memory external or internal to a processor is well known in the art as illustrated by Bass 
et al. Bass et al. has memory external to the processors, but the combination of 
memory and processors create a network processor system (Abstract). It would have 
been obvious to one of ordinary skill in the art at the time of invention to modify Hughes 
et al. and the Guide to IP Layer Network Administration with using memory external to 
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the processor and also internal to the entire network processor as taught by Bass et al. 
in order to create a network processor in one physical unit as to save money and space. 

Regarding claim 21, Hughes et al. and the Guide to IP Layer Network 
Administration disclose all of the limitations as described above except for using a 
Direct Table and Patricia tree as the data structure. The general concept of using a 
Direct Table and Patricia tree is well known in the art as illustrated by Bass et al. Bass 
et al. discloses a frame lookup method using a Direct Table and Patricia Tree (column 
25, lines 54-61 ). It would have been obvious to one of ordinary skill in the art at the time 
of invention to modify Hughes et al. and the Guide to IP Layer Network Administration 
with using a Direct Table and Patricia tree as taught by Bass et al. in order to use 
known data structures to increase lookup speed of a packet and compatibility 
1 1 . Claim 30 is rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Zenchelsky et al. (US 6,173,364 B1) in view of Lubkin et al. (US 5,339,435). 

Regarding claim 30, Zenchelsky et al. discloses all of the limitations as 
described above except for deleting recently used entries when memory is full and a 
new entry needs to be added. The general concept of deleting entries to free memory 
and to replace the entries with new ones is well known in the art as illustrated by Lubkin 
et al. Lubkin et al. discloses a memory management system that deletes the entries 
when the cache is full and inserts a new entry as well (column 21 , lines 3-6). It would 
have been obvious to one of ordinary skill in the art at the time of invention to modify 
Zenchelsky et al. with this cache management as taught by Lubkin et al. in order to 
make use of memory as to increase capacity of the cache. 
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12. Claims 33-35 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hughes et al. (US 5,842,040) in view of TCP Protocol Specification. 

Regarding claim 33-35, Hughes et al. disclose all of the limitations as described 
above including examining control bits in the TCP header as required by claim 33 
(column 5, line 41 , where the TCP flags are found in the TCP header), operating a 
calculation if the first state includes logical "0" as required by claim 34 (column 5, lines 
45-47, where, Hughes et al. can examine the control bits and make sure they are in a 
certain range), and examine the specific control bits of SYN or FIN, as required by claim 
35 (column 5, line 41). These flags control what the TCP packet is doing and examining 
them can let the system act accordingly. Hughes et al. does not disclose if a control 
flag is set to a certain state such as RST, then examining the length field in the IP 
header, multiplying the data offset field in the TCP header by 4, and then subtracting the 
result from the length field. The general concept of finding out the data location from 
information in a header and finding out the control bits from the header such as RST is 
well known in the art as illustrated by the TCP Specification. The TCP Specification 
describes that the actual data begins from the offset field in the TCP header (Page 16). 
As well known in the art, a processor that can examine TCP header information can 
also examine these length fields and determine where the TCP data begins. The TCP 
Specification also describes that SYN, FIN, and RST are related control bits (page 16). 
It would have been obvious to one of ordinary skill in the art at the time of invention to 
modify Hughes et al. with finding the data starting location as taught by the TCP 
Specification in order to correctly find the location of the data, thus making the TCP data 
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available to the packet classifying system and making the system operate on more 
types of TCP packets. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Adam S. Weintrop whose telephone number is 571-270- 
1604. The examiner can normally be reached on Monday through Friday 7:30am- 
5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Frantz Jules can be reached on 571-272-6681 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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